cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
722
Views
3
Helpful
4
Replies

Tunnel down issue with crypto applied

HCL Support
Level 1
Level 1

Hi,

We have one central Router 3845  having tunnel's configured for the remote sites and having crypto map Applied on these interfaces.

The remote site's Router having crypto map applied on the serial (WAN) interface.

Issue: As per discussion with concern whenever there is WAN Link flapping then the respective tunnel gets down but the source/destination IP addresses reachable and getting ping but when crypto map is removed from any tunnel (Primary or Backup) then tyhe tunnel gets UP showing protocol UP.

Attaching here show tech for both the central Router/Remote Router. Confirm us if there is any BUG impact for this tunnel down issue with crypto map in case if WAN Link flap.

Regards,

Ashutosh

4 Replies 4

HCL Support
Level 1
Level 1

Hi,

Can any one suggest me on this case??

The respective logs already attached there to checkout the same.

Regards,

Ashutosh

can u upload network layout design

Hi,

You mentioned that WAN link is flapping. If it s flapping, it is very much possible that you might be having intermittent contectivity and hence you can ping the remote sites.

However as far as concern regarding the Tunnels state down is, it is staying down as cypto session might not be able to get up for long time as WAN link is flapping.

Can you do a ping with erpeat count of 1000 and check how many packet are getting failed when this happend.

Also keep terminal monitor on while you do this, so that tunnel flaps and WAN link flaps can be observed.

Regards,

Sukanya

Hi,

Thanks for your response.

As per discussion with the concern, the respective WAN Link is not flapping continue but goes down once on some particular day and when the Link gets restored then tunnel remains down and the source/destination IP addresses reachable and getting ping but when crypto map is removed from any tunnel (Primary or Backup) then the tunnel gets UP showing protocol UP.

Suggest if there is some BUG impact as I have checked the running IOS is deferred with Cisco.

Regards,

Ashutosh

Review Cisco Networking for a $25 gift card